Docker Default Executable
A Default Executable is the command that will run when the container is started. It is defined in the Dockerfile as an ENTRYPOINT or CMD instruction. CMD and ENTRYPOINT instructions both define the startup command for a container. You can enter one or the other, or both in the Dockerfile. |
- This example runs the debian container and starts a shell. The default executable, the shell, is defined in the Dockerfile as a default executable.
- If a default executable is not specified in the Dockerfile and an argument is not given at the command line, the container will error out when called:
- Entry Point instruction
- Application runs as PID 1
- ENTRYPOINT gives a container its default nature or behavior, i.e. the container will always run the command given in the ENTRYPOINT instruction, unless overridden at the command line with the --entrypoint option.
- In the exec form, ENTRYPOINT can be used to define the default command and arguments. Optionally CMD can be added to supply optional arguments. CMD arguments can be overridden with command line arguments, e.g. an image built from the following Dockerfile:
- In the exec form, command line arguments, e.g. $ docker run
- With the following Dockerfile:
- Build an image, tagged with the name top and version 1:
- With the defined ENTRYPOINT, you can run the container as $ docker run --rm -t top:1:
- You can override the ENTRYPOINT instruction with the --entrypoint option:
- If there are multiple ENTRYPOINT instructions in the Dockerfile, only the last one will have an effect.
- In the EXEC form, the default executable is run directly by the kernel without a parent shell. As a result, it runs with a process ID (PID) of 1. And in Linux, if a process with PID 1 is terminated, the operating system is also terminated.
- A SIGTERM signal (or issuing CTRL-C) sent to the docker container will be passed to the default executable. As this is running as PID 1 in the Linux kernel, the application is terminated and the container is stopped
An ENTRYPOINT allows you to configure a container to behave as it were the configured default executable. It is typically used when you don't expect the user to override the executable in the ENTRYPOINT instruction. |
FROM ubuntu ENTRYPOINT ["top", "-b"] CMD ["-n 2"] |
FROM debian MAINTAINER neokobo.blogspot.com ENTRYPOINT ["top","-n 1"] |
- CMD (Command) Instruction
- Specified as CMD in the Dockerfile, e.g. CMD ["/bin/bash"]
- The command (is started as a subcommand of a shell, /bin/sh -c, as such it) does NOT run under PID 1 in the shell
- In this form, the command is prepended with /bin/sh -c:
- The CMD instruction allows the default executable to be overridden at the command line:
- As it's easier to override the CMD instruction at the command line, the recommendation is to use CMD instead of ENTRYPOINT in your Dockerfile when you want flexibility in choosing a container command at runtime.
"Cmd": [ "/bin/sh", "-c", "#(nop) ", "CMD [\"/bin/bash\"]" ], |
- Exec vs Shell Form
- Both CMD and ENTRYPOINT instructions support two forms: exec and shell.
- Arguments in the shell form is space-delimited, executable param1 param2:, e.g. CMD ps -ef:
- Arguments in the exec form are formatted as a JSON array, ["executable","param1","param2"], e.g.
FROM debian MAINTAINER neokobo.blogspot.com CMD ps -ef |
FROM debian MAINTAINER neokobo.blogspot.com CMD ["ps", "-ef"] |
Here's another example of the exec form, this time with the ENTRYPOINT instruction:
FROM debian MAINTAINER neokobo.blogspot.com ENTRYPOINT ["/bin/ping","bbc.co.uk","-c 1"] |
- Docker ENTRYPOINT Instruction: docs.docker.com/engine/reference/builder/#entrypoint
![]() |
Licensed under a Creative Commons Attribution 4.0 International License. |